DOI QR코드

DOI QR Code

A Secure Authentication Method for Smart Phone based on User's Behaviour and Habits

  • Lee, Geum-Boon (Dept. of Computer Security, Chosun College of Science & Technology)
  • Received : 2017.08.16
  • Accepted : 2017.09.18
  • Published : 2017.09.30

Abstract

This paper proposes a smart phone authentication method based on user's behavior and habit that is an authentication method against shoulder surfing attack and brute force attack. As smart phones evolve not only storage of personal data but also a key means of financial services, the importance of personal information security in smart phones is growing. When user authentication of smart phone, pattern authentication method is simple to use and memorize, but it is prone to leak and vulnerable to attack. Using the features of the smart phone pattern method of the user, the pressure applied when touching the touch pad with the finger, the size of the area touching the finger, and the time of completing the pattern are used as feature vectors and applied to user authentication security. First, a smart phone user models and stores three parameter values as prototypes for each section of the pattern. Then, when a new authentication request is made, the feature vector of the input pattern is obtained and compared with the stored model to decide whether to approve the access to the smart phone. The experimental results confirm that the proposed technique shows a robust authentication security using subjective data of smart phone user based on habits and behaviors.

Keywords

References

  1. N. Clarke, S. Furnell, P. Rodwell, and P. Reynolds, "Acceptance of Subscriber Authentication Methods For Mobile Telephony Device," Computer & Security, Vol. 21, No. 3, pp. 220-228, June 2002. https://doi.org/10.1016/S0167-4048(02)00304-8
  2. H. Zhang, C. Yan, P. Zhao, and M. Wang, "Model construction and authentication algorithm of virtual keystroke dynamics for smart phone users," 2016 IEEE International Conference on Systems, Man, and Cybernetics, pp. 000171-000175, October 2016.
  3. M. Trojahn, and F. Ortmeier, "Toward mobile authentiction with keystroke dynamics on mobile phones and tablets," 27th International Conference on Advanced Information Networking and Applications Workshops, pp. 697-702, 2013.
  4. K. D. Rajat, M. Sudipta, and B. Puranjoy, "User Authentication Based on Keystroke Dynamics," IETE Journal of Research, Vol. 60, No. 3, pp. 229-239, July 2014. https://doi.org/10.1080/03772063.2014.914686
  5. S. Hwang, S. Cho, and S. Park, "Mobile User Authentication using Keystroke Dynamics Analysis," Conference Korea Operations Research And Management Society, pp. 652-655, Nov. 2006.
  6. T. Shari, S. Cal, and K. Larry et al., "Biometric authentication on a mobile device: a study of user effort, error and task disruption," Proceedings of the 28th Annual Computer Security Applications Conference, pp. 159-168, 2012.
  7. J. S. A-Falconi, H. A. Osman and A. E. Saddik, "ECG Authentication for Mobile Devices," IEEE Transactions on Instrumentation and Measurement, Vol. 65, Issue. 3, pp. 591-600, 2016. https://doi.org/10.1109/TIM.2015.2503863
  8. Y. Zheng and Z. Sihui, "A Usable Authentication System Based on Personal Voice Challenge," Proceeding of 2016 International Conference on Advanced Cloud and Big Data, pp. 194-199, Aug. 2016.
  9. T. Ko, T. Shon, and M. Hong, "A Study on the Korean-Stroke based Graphical Password Approach," Journal of the Korea Institute of Information Security & Cryptology, Vol. 22, No. 2, pp. 189-200, April 2012.
  10. W. Hu, X. Wu, and G. Wei, "The security analysis of graphical passwords," Proceedings of 2010 International Conference on Communications and Intelligence Information Security, pp. 200-203, Oct. 2010.
  11. H. Gao, Z. Ren, X. Chang, X. Liu, and U. Aickelin, "A new graphical password scheme resistanct to shoulder-surfing," Proceedings of International Conference on Cyberworlds, pp. 194-199, Oct. 2010.
  12. L. Ballard, D. Lopresti, and F. Monrose, "Evaluating the Security of Handwriting Biometrics," Proceedings of 10th International Workshop on Frontiers in Handwriting Recognition, pp. 461-466, Oct. 2006.
  13. A. Buriro, B. Crispo, F. Delfrari, and K. Wrona, "Hold and Sign: A Novel Behavioral Biometrics for Smartphone User Authentication," Proceedings of 2016 IEEE Security and Privacy Workshops, pp. 276-285, May 2016.